<?php
require_once("conf/db_connection.php");
$tbl_name="user";
/*$host="localhost"; // Host name 
$username="root"; // Mysql username 
$password=""; // Mysql password 
$db_name="negros_navigation"; // Database name 
$tbl_name="user"; // Table name

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
mysql_select_db("$db_name")or die("cannot select DB");*/

// username and password sent from form 
$myusername=$_POST['username']; 
$mypassword=$_POST['password'];

// To protect MySQL injection (more detail about MySQL injection )
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);


$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);
//die($sql);
// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1)
{
	// Register $myusername, $mypassword and redirect to file "login_success.php"
	$row_user = mysql_fetch_array($result);
	$user_type = $row_user['type'];
	
	$_SESSION["username_nn"] = $myusername;
	$_SESSION["password_nn"] = $mypassword;
	$_SESSION["type_nn"] = $user_type;
	$_SESSION["trucker_id_nn"] = $row_user['trucker_id'];

	if($user_type=="agent")
	{
		header("location:agent_home.php");
	}
	if($user_type=="trucker")
	{
		header("location:trucker_home.php");
	}
	if($user_type=="bsource")
	{
		header("location:bsource_home.php");
	}
}
else
{
echo "<script type = 'text/javascript'>
		alert('Incorrect Username / Password!');
		window.location.href = 'login.html';
		</script>";
}
?>